Thesis

Understanding susceptibility to phishing in mobile instant messaging applications

Downloadable Content

Download PDF
Creator
Rights statement
Awarding institution
  • University of Strathclyde
Date of award
  • 2026
Thesis identifier
  • T17674
Person Identifier (Local)
  • 201993595
Qualification Level
Qualification Name
Department, School or Faculty
Abstract
  • Mobile Instant Messaging (MIM) applications, including WhatsApp, Viber, and Telegram, are among the most prevalent communication methods, utilising users' mobile devices and existing internet data plans to facilitate real-time text, voice, and video communication over the internet. Recently, concerns have been raised regarding cybercriminals' adoption of these applications to propagate phishing campaigns. Yet, little attention has been given to understanding phishing in such platforms, specifically the behaviour of users and the attackers' tactics and techniques that can increase susceptibility. The studies described in this thesis examined susceptibility to phishing in MIM applications. The first study employed an exploratory approach, using an online questionnaire to assess whether users' self-reported behaviours during MIM expose them to phishing risks. The second study employed qualitative content analysis to examine the tactics and techniques used by cybercriminals in MIM phishing messages. The third study employed a factorial vignette survey to investigate the effect of specific features of MIM applications on susceptibility to phishing. The findings indicate that users frequently click on and share links, and seek to mitigate their susceptibility to phishing by engaging with links from individuals within their social cycles, while demonstrating a greater tendency to share links received in private rather than in public groups. The findings indicate that, unlike email phishing but similar to vishing, social proof is the predominant persuasion principle in MIM phishing, while URL construction techniques show similarities across MIM and other phishing media. Furthermore, empirical results have been found to underscore the user-sender relationship, link preview, and habitual MIM app usage as significant factors in susceptibility to phishing in MIM applications. This thesis highlights both the social and technical dimensions of MIM phishing, underscoring the need for phishing awareness programs and security features that consider link previews, habitual behaviours and social context within MIM apps.
Advisor / supervisor
  • Terzis, Sotirios, 1973-
  • K., Renaud
Resource Type
DOI

Relations

Items

Thumbnail Title Date Uploaded Visibility Actions
file details PDF of Thesis T17674 2026-05-07 Public Download